Heads Of State On NSO Spyware List

Uploaded on 2021-07-24 in INTELLIGENCE--International, FREE TO VIEW, TECHNOLOGY--Hackers

French President Emmanuel Macron leads a list of 14 current or former heads of state who may have been targeted for hacking by clients of the Israeli spyware firm NSO GroupPresident Macron has had to change his phone and phone number because Pegasus spyware, most probably targeted him, a French government official said. Ironically, Macron has recently held an emergency meeting on cyber security at the Élysée Palace. 

New evidence uncovered by a consortium of investigative journalists, collectively known as the 'Pegasus Project' has revealed that the phone numbers for heads of state, including President Macron, Pakistan’s Imran Khan and South Africa’s Cyril Ramaphosa, as well as hundreds of government officials, were selected as 'people of interest' by clients of spyware company NSO Group.  

Other potential targets found on a list of 50k phone numbers leaked to the charity Amnesty International include Barham Salih of Iraq, King Mohammed VI of Morocco and three current prime ministers, Imran Khan of Pakistan, Mustafa Madbouly of Egypt and Saad Eddine El Othmani of Morocco.

Amnesty International’s Security Lab has performed in-depth forensic analysis of numerous mobile devices from human rights defenders and journalists around the world. This research has uncovered widespread, persistent and ongoing unlawful surveillance and human rights abuses perpetrated using NSO Group’s Pegasus spywareThirty-seven phones identified in the Pegasus Project investigation were either breached or shows signs of attempted infection.

In Paris, the city's Prosecutor’s Office announced that it too was investigating the suspected widespread use of NSO’s military-grade Pegasus spyware to target journalists, human rights activists and politicians in multiple countries.

The Paris prosecutor’s office said in a statement that it opened an investigation into a raft of potential charges, including violation of privacy, illegal use of data and illegally selling spyware. As is common under French law, the investigation doesn’t name a suspected perpetrator but is aimed at determining who might eventually be sent to trial. It was prompted by a legal complaint by two journalists and investigative website Mediapart. An official in Macron’s office said authorities would investigate Le Monde’s report, and if the targeting is proven, it would be “extremely grave.”

Amnesty International’s Secretary General Agnes Callamard said: “The unprecedented revelation that the phones of at least fourteen heads of state may have been hacked using NSO Group’s Pegasus spyware should send a chill down the spine of world leaders... We have long known that activists and journalists are targets of this surreptitious phone-hacking – but it’s clear that even those at the highest levels of power cannot escape the sinister spread of NSO’s spyware." 

NSO Group can no longer hide behind the claim that its spyware is only used to fight crime, it appears that Pegasus is also the spyware of choice for those wanting to snoop on foreign governments, according to the claims of Pegasus Project invetigators.

“NSO Group must immediately stop selling its equipment to countries with a track record of putting human right defenders and journalists under unlawful surveillance...  The Israeli government should also not authorise licenses for the export of NSO Group’s cyber surveillance technology if there is a substantial risk it could be used for human rights violations.” Callamard, said in a statement.

Another company identified by Amnesty as hosting NSO servers was cloud computing dvelopment firm, DigitalOcean. When contacted by The Associated Press, DigitalOcean neither confirmed nor denied whether it had identified or cut off such servers. “All of the infrastructure outlined in the Amnesty report is no longer on DigitalOcean,” it said in an emailed statement.

The consortium’s findings significantly widen the scope of alleged abuses in which NSO Group has been implicated. Those include the surveillance of friends and relatives of journalist Jamal Khashoggi, who was killed inside the Saudi consulate in Istanbul in 2018, and highlight what critics call the urgent need to regulate global sales of commercial hacking tools. Leading French daily newspaper Le Monde said the phone numbers for Macron and other government members were among thousands allegedly selected by NSO clients for potential surveillance. In this case, the client was an unidentified Moroccan security service, according to Le Monde.

Consortium members said they were able to link more than 1,000 numbers in 50 countries on the list with individuals, including more than 600 politicians and government officials and 189 journalists. The largest share were in Mexico and the Middle East, where Saudi Arabia is reported to be among NSO clients. Also on the list were phone numbers in Azerbaijan, Kazakhstan, Pakistan, Morocco and Rwanda, as well as ones for several Arab royal family members, the consortium reported.

NSO Group has denied that it ever maintained “a list of potential, past or existing targets and Le Monde has quoted NSO as saying the French president was never targeted by its clients. The source of the leak  and how it was authenticated  has not been disclosed.

While a phone number’s presence in the data does not mean an attempt was made to hack a device, the consortium said it was confident the data indicated potential targets of NSO’s government clients.

Multiple lawsuits by alleged victims have been filed against NSO Group including by Facebook over the Israeli firm’s alleged hacking of its WhatsApp application and investigations are under way to determine whether the spyware was actually installed on the phones or whether data was retrieved.

Amnesty International:    France24:   Washington Post:   Guardian:     Marketwatch:   

APNews:   Security Week:      Military.com:      

You Might Also Read: 

Wanted: An International Cyber Security Law

 

« IBM Watson In Demand
The State Of Cyber Security In Healthcare »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Planit Testing

Planit Testing

Planit is a leader in Quality Assurance and a specialist in software testing and training services.

Redspin

Redspin

Redspin provide penetration testing, security assessments and consulting services.

Cyber Triage

Cyber Triage

Cyber Triage is an automated incident response software any company can use to investigate their network alerts.

Singular Security

Singular Security

Singular Security help public and private organizations minimize cybersecurity risk and pass their IT compliance audit.

Octo

Octo

Octo, an IBM company, is a technology firm dedicated to solving the Federal Government’s most complex challenges, enabling agencies to jump the technology curve.

Cybeta

Cybeta

Cybeta's actionable cybersecurity intelligence keeps your business safe with strategic and operational security recommendations that prevent breaches.

Cigent Technology

Cigent Technology

Cigent keeps the most valuable asset in your organization safe—your data. Our advanced endpoint and managed network security solutions prevent ransomware and data theft.

Pakistan Telecommunication Company Limited (PTCL)

Pakistan Telecommunication Company Limited (PTCL)

Pakistan Telecommunication Company Limited (PTCL) is the largest integrated Information Communication Technology (ICT) company of Pakistan.

Apono

Apono

Apono enables DevOps and security teams to manage access to sensitive cloud assets and data repositories in a frictionless and compliant way.

RKVST

RKVST

RKVST is a powerful tool that builds trust in multi-party processes when it’s critical to have high assurance in data for confident decisions.

CyberX9

CyberX9

CyberX9 helps you protect against a wide range of cyber attacks whether you are a business or a high-net worth individual under risk.

Binalyze

Binalyze

Binalyze is the world's fastest and most comprehensive enterprise forensics solution. Our software helps you to collaborate and complete incident response investigations quickly.

Reaktr.ai

Reaktr.ai

Reaktr.ai is founded on the vision of using AI as a catalyst to propel industries into a future where we redefine what's possible. Fortify your cybersecurity defense with our AI-powered platform.

AKS iQ

AKS iQ

AKS iQ leads the RegTech sector with AI, automating regulatory compliance in the banking industry and ensuring paperless TBML and CFT adherence in finance.

Accompio

Accompio

Accompio offer comprehensive support in the digitalisation of your business processes.

Tria Federal

Tria Federal

Tria Federal is the premier middle-market Technology and Advisory services provider delivering digital transformation solutions to federal health and public safety agencies.